That recognition of our series was especially timely, because I was in London at the time to participate in a roundtable of the U.K.’s Financial Conduct Authority on the topic of today’s podcast. The FCA has taken the lead globally in proposing creation of a “regulatory sandbox” – a safe space in which financial innovators can experiment with ideas that might benefit consumers, but that could hit trip wires or raise concerns under today’s rules.

Americans should focus on this: the U.K. has adopted a national strategy, from its top leaders on down, of becoming the fintech capital of the world. One facet of that strategy is the FCA’s launch ofProject Innovate, which has goals like this one: “We promote competition through disruptive innovation − innovation that offers new services to customers and challenges existing business models.” Consider that language – the regulator is explicitly “promoting…disruptive innovation.”

The FCA’s efforts include creating an Innovation HUB that provides support for promising innovation, and a methodical review of how regulation impacts innovation. Last year they formally requested public input on two crucial questions: what regulations are impeding beneficial innovation, and is there a need for new regulations to foster innovation? While digesting the resulting comments, they put out their proposal on the sandbox concept. They’ve been sharing these ideas globally and exploring very creative approaches, like whether it would make sense to create a “virtual sandbox” in which innovators could test certain ideas through shared data, without exposing real consumers to any risk at all.

Lawrence Wintermeyer of Innovate Finance, speaking at the FCA’s December sandbox roundtable, cited growing excitement around both “fintech” and “regtech.” He argued that London has the “tech” of the U.S. west coast, the “fin” of New York, and the “reg” of Washington – all clustered in one city where everyone can get together by public transport in fifteen minutes. The U.K. has other innovation advantages over the U.S., including a more concentrated banking system and a much simpler regulatory structure. Startups are also attracted by the ability to “passport” UK activities throughout the European Union, offering easy access to large markets. All this contrasts sharply with the U.S. model in which innovators seeking national scale must undertake the complex process of securing either a bank charter or 50 state licenses, or both. Still, part of London’s innovation success clearly stems from deciding to value the upside promise of innovation, in addition to policing the very real downside risk. The FCA’s efforts include a conscious effort to be nimble – something that does not come easily to any regulatory system. The resulting vibrancy is palpable.

On this side of the Atlantic

In the U.S., the same thinking is gaining traction. Comptroller of the Currency Tom Curry has appointed anew task force for Responsible Innovation, as we discussed in our recent episode with him. The CFPB has its Project Catalyst innovation lab, and the Federal Reserve Bank of San Francisco held a conference last fall on the “(R)evolution Underway” in financial services, addressing “how technological changes are presenting opportunities and challenges for financial institutions while compelling regulatory agencies to think about how innovation impacts the supervisory process.”

These U.S. discussions increasingly include exploration of creating a regulatory sandbox – which brings me to our guest for this episode.

Nitish Pandey is Senior Vice-President & Chief Legal Officer, U.S. Personal & Commercial Banking, for BMO Financial Group of BMO Harris. He believes our financial ecosystem needs a safe sandbox in which to innovate (as did Jesse McWaters and Rob Galaski in our episode on the “Secrets of Fintech”).

Nitish and I started discussing the sandbox concept last summer (before the U.K.’s proposal). I’d convened a roundtable on disruption of consumer finance and how to (and not to) regulate it. Nitish, whom I’ve known for years, came to the meeting armed with the most specific blueprint I had seen on these ideas. In the months since then, he’s refined it and shared it publically several times.

The goal of a sandbox approach is to allow testing of pro-consumer innovation, while assuring that customers are still well-protected. The issue has endless subtopics. For instance, is a sandbox really needed? How do current rules impede innovation -- if they do – and which ones are most problematic? Is it appropriate to use the concept of “risk tolerance” in consumer protection? If so, can risks be defined? Can they be quantified and measured?

And, if a sandbox would help, how should it be designed? Do regulators have the legal power to waive or suspend rules to allow experimentation and if not, should they? What standards should innovators have to meet? How would experiments be time-limited? What standards should be used to permit them, and to judge their success? If new ideas prove out, should they be publicized? Should the whole market be allowed to adopt them? If so, would this require extensive rewriting of current rules? Will innovators have sufficient incentive to enter the sandbox, if competitors can simply adopt the ideas they pilot (in contrast to, say, government approval of new drugs after testing that ultimately produce patents)? How can innovators protect their confidential intellectual property? Would agency pre-review of sandbox proposals bog innovation down in bureaucracy, defeating the purpose of the whole exercise?

And perhaps most importantly, how should consumers in a sandbox be protected? What limits should be placed on potential harm to them? Should they be compensated for any harm and if so, how? What disclosures should they receive? Should they have to give consent? How would harm be quantified?

While Nitish doesn’t try to answer all of these questions, he tackles many of the hardest ones. And he pinpoints a core issue that’s widely underestimated. The problem is not just rigid and potentially counterproductive regulatory requirements. It’s also the sheer cost and effort of implementing full-scope compliance for virtually any change. If businesses can’t inexpensively test how customers would respond to an innovation, they won’t offer it. And they can’t test real-life response to new ideas today, without also building out massive compliance machinery – Nitish calls it the “pipes” – affecting nearly every function of the company. We’re in a “Lean Startup” world today where innovators grow by designing and refining a minimum viable product (MVP) through quick, intensive consumer interaction. Traditional companies can’t do this well, partly because their compliance systems weigh them down.

Nitish has ideas how to design and execute a practical solution for this – without going bureaucrazy!

Compliance as innovator?

While I had Nitish with me, I also took the chance to have him share his advice on the revolution underway in the compliance function. He is the first bank compliance manager we’ve had as a guest, and a visionary in the field.

He believes, as I do, that consumer financial protection is migrating from a rules-based system to an increasingly principles-based one. That shift is bringing permanent uncertainty which, in turn, requires deeply remaking the compliance management model. “It used to be, if you knew your regulations, you were fine,” he says in our discussion, whereas today’s compliance manager is a “true risk management professional who can be creative in the process and demonstrate excellent judgment as we rapidly move into an increasingly gray world.” He lays out the new role of compliance in today’s bank, why it’s needed, the key changes required, and how to make it happen.

Nitish’s insight derives partly from his broad background. He has undergraduate and postgraduate qualifications in Law, Economics and Management in his native Australia and has held positions ranging from marketing to nearly every facet of risk management. He spent a decade at American Express in Compliance, Risk Management and Operations, focusing on consumer, small business and commercial portfolios. He was Deputy Chief Compliance Officer for American Express Centurion Bank, responsible for the oversight and implementation of the bank’s Compliance Program. In November 2014 he joined BMO as Chief Compliance Officer (CCO) for U.S. Personal and Commercial Banking.